As a client I am using an API of a company. To be able to connect I have to decrease the security level to CipherString = DEFAULT@SECLEVEL=1 in /etc/ssl/openssl.cnf, using OpenSSL 1.1.1d.
Then if I do openssl s_client -connect <servername>:443
I get:
...
No client certificate CA names sent
Peer signing digest: SHA1
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4499 bytes and written 443 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: XXXXXXX
Session-ID-ctx:
Master-Key: XXXXXXXX
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1579345646
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Google Chrome's security panel says:
Connection - obsolete connection settings
The connection to this site is encrypted and authenticated using TLS 1.2, ECDHE_RSA with P-256, and AES_256_GCM.
The server signature uses SHA-1, which is obsolete. Enable a SHA-2 signature algorithm instead. (Note this is different from the signature in the certificate.)
Questions:
- What is the relation of Peer signing digest with Signature hash algorithm (Certificate)?
- Why is it connected with SHA1 when in https://www.ssllabs.com/ssltest/ it gets A?
- Can I do something as a client?
- If not, what should they change in their servers?
Added more info:
openssl s_client -connect <servername>:443 -sigalgs <algorithm>+<hash>
(For OpenSSL 1.1.1d: SECLEVEL=2)
ECDSA+SHA512 sslv3 alert handshake failure
ECDSA+SHA384 sslv3 alert handshake failure
ECDSA+SHA256 sslv3 alert handshake failure
ECDSA+SHA1 sslv3 alert handshake failure
RSA+SHA512 sslv3 alert handshake failure
RSA+SHA384 wrong signature type
RSA+SHA256 wrong signature type
RSA+SHA1 no suitable signature algorithm
(For OpenSSL 1.1.1d: SECLEVEL=1)
ECDSA+SHA512 sslv3 alert handshake failure
ECDSA+SHA384 sslv3 alert handshake failure
ECDSA+SHA256 sslv3 alert handshake failure
ECDSA+SHA1 sslv3 alert handshake failure
RSA+SHA512 sslv3 alert handshake failure
RSA+SHA384 connects with peer signing digest SHA1 type RSA
RSA+SHA256 connects with peer signing digest SHA1 type RSA
RSA+SHA1 connects with peer signing digest SHA1 type RSA
(For OpenSSL 1.0.2k)
ECDSA+SHA512 sslv3 alert handshake failure
ECDSA+SHA384 sslv3 alert handshake failure
ECDSA+SHA256 sslv3 alert handshake failure
ECDSA+SHA1 sslv3 alert handshake failure
RSA+SHA512 connects with peer signing digest SHA1 type RSA
RSA+SHA384 connects with peer signing digest SHA1 type RSA
RSA+SHA256 connects with peer signing digest SHA1 type RSA
RSA+SHA1 connects with peer signing digest SHA1 type RSA
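
The test matrix above as a script: an added example, not part of the original post, that reads the Peer signing digest and Peer signature type lines from s_client output and reports whether the server signed with the algorithm the client offered. The function names and result labels are assumptions of this example, the sample text is constructed from the output quoted in the question, and -tls1_2 is added to pin the protocol version seen there.

```sh
#!/bin/sh
# Added example (not from the original post): read the handshake signature
# out of `openssl s_client` output and compare it with what the client offered.

# Constructed sample: lines taken from the s_client output quoted in the question.
SAMPLE_OUTPUT='No client certificate CA names sent
Peer signing digest: SHA1
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits'

# Read s_client output on stdin; print "<type>+<digest>" for the signature on
# the key exchange, or "none" when no "Peer signing digest" line was printed.
handshake_sig() {
  awk -F': *' '
    /^Peer signing digest/ { dgst = $2 }
    /^Peer signature type/ { styp = $2 }
    END { if (dgst == "") print "none"; else print styp "+" dgst }'
}

# $1 = sigalg the client offered, $2 = result of handshake_sig.
# Report whether the server signed with the offered algorithm and whether
# the digest it used is obsolete (SHA1 or MD5).
assess() {
  case "$2" in
    none) echo "no-handshake"; return ;;
    *+SHA1|*+MD5) strength="obsolete" ;;
    *) strength="ok" ;;
  esac
  if [ "$1" = "$2" ]; then echo "as-offered,$strength"
  else echo "not-offered,$strength"; fi
}

# Probe a live server (needs network). $1 = host, $2 = sigalg to offer.
probe() {
  openssl s_client -connect "$1:443" -servername "$1" -tls1_2 -sigalgs "$2" \
    </dev/null 2>/dev/null | handshake_sig
}

# With a host argument, repeat the RSA rows of the question's test matrix.
if [ -n "${1:-}" ]; then
  for alg in RSA+SHA512 RSA+SHA384 RSA+SHA256 RSA+SHA1; do
    sig=$(probe "$1" "$alg")
    printf '%-11s -> %-9s %s\n' "$alg" "$sig" "$(assess "$alg" "$sig")"
  done
fi
```

Run it with the server name as the only argument; a row reported as not-offered,obsolete corresponds to the "connects with peer signing digest SHA1" rows listed for RSA+SHA256 and RSA+SHA384 above.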